intervi/simpleauth

Providing easy auth system and CSRF protection functional.

This package's canonical repository appears to be gone and the package has been frozen as a result. Email us for help if needed.

Maintainers

Details

code.intervi.fun/InterViWeb/SimpleAuth

Installs: 6

Dependents: 0

Suggesters: 0

Security: 0

1.2 2019-03-12 20:05 UTC

Requires

  • php: >=5.3

LGPL-3.0-only 4bf41344bdb846e6f5bd961cd3e77d5df562ae31

  • InterVi <intervionly.woop@gmail.com>

passwordauthcsrf

This package is not auto-updated.

Last update: 2019-08-05 23:29:15 UTC

README

Providing easy auth system and CSRF protection functional. See API.

API

Need started session, or methods will throw Exception.

  • __construct($salt, $hashalgo) - Salt is you random string, hashalgo is hash algorithm (see php docs)
  • get_csrf() - return string, generate new or get old CSRF value. Generated value will saving into session.
  • is_valid_csrf($csrf) - return bool, checking valid CSRF
  • is_authed() - return bool, check is authed
  • get_hash($password) - return string, hashed password. $password is raw string password.
  • auth($password, $hash) - return bool, attempt auth. $password is raw password (string), $hash is hashed password (string).
  • logout() - logout

Example

use InterVi\SimpleAuth\SimpleAuth;

session_start();
$user = new User(); //you custom user

$auth = new SimpleAuth('JKhggghgFdfs33ds', 'sha256');
if ($auth->is_authed()) {
    //example CSRF checking
    $csrf = filter_input(INPUT_POST, 'csrf');
    if (!$auth->is_valid_csrf($csrf)) {
        http_response_code(401);
        die('401 Unauthorized');
    }
} else {
    //example auth
    $data = json_decode(file_get_contents('php://input'), true);
    if (!$auth->auth($data['password'])) {
        http_response_code(401);
        die('401 Unauthorized');
    }
}